package com.yidianyanglao.user.controller;

import com.yidianyanglao.common.bean.Notice;
import com.yidianyanglao.common.mapper.CommonMapper;
import com.yidianyanglao.core.bean.AliSecurityBean;
import com.yidianyanglao.core.bean.ErrorReocrd;
import com.yidianyanglao.core.bean.MobileCode;
import com.yidianyanglao.core.bean.RetBean;
import com.yidianyanglao.core.enums.Code;
import com.yidianyanglao.core.enums.NoticeType;
import com.yidianyanglao.core.exception.CustomException;
import com.yidianyanglao.core.util.*;
import com.yidianyanglao.user.bean.LuckyTreeBean;
import com.yidianyanglao.user.bean.RecommRecord;
import com.yidianyanglao.user.bean.SeedDetailsBean;
import com.yidianyanglao.user.bean.UserBean;
import com.yidianyanglao.user.mapper.UserMapper;
import com.yidianyanglao.user.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.*;

/**
 * Created by chenkelong on 2016/10/28.
 */

@Controller
public class UserController {
    @Resource
    private UserMapper userMapper;
    @Resource
    private CommonMapper commonMapper;


    @Resource
    private UserService userService;     //事务服务层

    /**
     * 用户登录获取token
     * @param request
     * @param account
     * @param password
     * @return
     */
    @RequestMapping("/user/login.json")
    @ResponseBody
    public RetBean login(HttpServletRequest request, String account, String password) {

        if(StringUtils.isEmpty(account)){
            throw new CustomException(Code.ERROR, "账号不能为空！");
        }

        if(StringUtils.isEmpty(password)){
            throw new CustomException(Code.ERROR, "密码不能为空！");
        }
        password = DigestUitl.MD5LowerCase(password);
        UserBean userBean = userMapper.getUserId(account,password);
        if(StringUtils.isEmpty(userBean)){
            throw new CustomException(Code.ERROR, "用户名或者密码错误！");
        }
        //五次错误的支付密码
        if(commonMapper.getErrorRecordCount(1,userBean.getId(),DateUtils.getToday())>=5){
            throw new CustomException(Code.PAYWARNING, "您今天已累计5次输入错误的支付密码，账户已被锁定，请于24小时后再操作。如需紧急解锁，请联系客服，客服电话。");
        }
        //判断用户身份
        if(userBean.getUsertype() ==1){
            throw new CustomException(Code.ERROR, "商家请登录后台查看数据哦~");
        }

        if(userBean.getUsertype() ==4){
            throw new CustomException(Code.ERROR, "管理员请登录后台查看数据哦~");
        }
        //更新token
        String token = UUID.randomUUID().toString();
        int result = userMapper.updateUserToken(userBean.getId(),token);
        if(result <=0){
            throw new CustomException(Code.ERROR, "更新token异常！");
        }
        return new RetBean(Code.SUCCESS,"登录成功",token);
    }


    /**
     * 用户注册第一部
     * @param request
     * @param code
     * @param mobile
     * @param password
     * @param pname
     * @param pmobile
     * @return
     */
    @RequestMapping("/user/register.json")
    @ResponseBody
    public RetBean register(HttpServletRequest request, String code, String mobile,String password,String pname,String pmobile,String pid){
        if(StringUtils.isEmpty(mobile)){
            throw new CustomException(Code.ERROR,"电话号码不能为空");
        }
        if(StringUtils.isEmpty(code)){
            throw new CustomException(Code.ERROR,"验证码不能为空");
        }
        if(StringUtils.isEmpty(password)){
            throw new CustomException(Code.ERROR,"密码不能为空");
        }
        if(!VerificationRegular.checkLoginPassword(password)){
            throw new CustomException(Code.ERROR,"密码必须包含字母和数字，8-20位");
        }

        if (!checkMobile(mobile,code)){
            throw new CustomException(Code.ERROR,"验证码验证失败");
        }
        UserBean userBean = userMapper.getUserInfo(mobile);
        if(userBean!=null){
            throw new CustomException(Code.ERROR,"当前号码已经注册，请登录客户端查看并完善资料！");
        }

        if(!StringUtils.isEmpty(pid)){
                userBean = userMapper.getUserByAccount(pid);
        }else{
            if(StringUtils.isEmpty(pname) && StringUtils.isEmpty(pmobile)){
                pid = "157965";   //默认业务员
                userBean = userMapper.getUserByAccount(pid);
            }else{
                userBean = userMapper.getUserByAccount(pmobile);
            }
        }

        //检查推荐用户情况
        if(userBean == null){
            throw new CustomException(Code.ERROR, "推荐用户不存在！");
        }
        //检查通过推荐数据的形式入驻的验证
        if(!StringUtils.isEmpty(pname)){
            if(!userBean.getRealname().equals(pname)){
                throw new CustomException(Code.ERROR, "推荐人用户名与号码不匹配！");
            }
        }

        String token = UUID.randomUUID().toString();
        //推荐人id，推荐人真实姓名，推荐人电话号码
        int retulr = userMapper.addUser(mobile,DigestUitl.MD5LowerCase(password),userBean.getId(),userBean.getRealname(),userBean.getMobile(),token,"http://jielan.oss-cn-hangzhou.aliyuncs.com/jielanwx/ydylsys/head/photo.png");
        if(retulr<=0){
            throw new CustomException(Code.ERROR, "注册发生异常");
        }

        //通过电话号码获取用户信息
        userBean = userMapper.getUserByAccount(mobile);

        //给用户分配权限
        if(userMapper.addGroupRole(userBean.getId())<=0){
            throw new CustomException(Code.ERROR,"身份 异常");
        }

        return new RetBean(Code.SUCCESS,"注册第一部成功",token);
    }





    /**
     * 注册第二部
     * @param request
     * @param realname
     * @param certid
     * @param province
     * @param city
     * @param token
     * @return
     */
    @RequestMapping("/user/updateInfo.json")
    @ResponseBody
    public RetBean updateInfo(HttpServletRequest request, String realname,String certid,String province,String city,String token){

        if(StringUtils.isEmpty(realname)){
            throw new CustomException(Code.ERROR,"姓名不能为空");
        }
        if(StringUtils.isEmpty(province)){
            throw new CustomException(Code.ERROR,"省份不能为空");
        }
        if(StringUtils.isEmpty(city)){
            throw new CustomException(Code.ERROR,"城市不能为空");
        }
        if(StringUtils.isEmpty(certid)){
            throw new CustomException(Code.ERROR,"身份证号码不能为空");
        }

        UserBean userBean = (UserBean)request.getAttribute("request_user");
        if(userBean == null){
            throw new CustomException(Code.ERROR,"用户不存在");
        }
        if(userBean.getStatus()!=2 || userBean.getRegisterStatus() !=1){
            throw new CustomException(Code.ERROR,"用户信息无法修改");
        }

        userBean.setProvince(province);
        userBean.setCity(city);
        userBean.setRealname(realname);
        userBean.setCertid(certid);
        int result = userMapper.updateUserInfo(userBean);
        if(result<=0){
            throw new CustomException(Code.ERROR,"执行数据修改异常");
        }
        return new RetBean(Code.SUCCESS,"身份修改完成",null);
    }

    /**
     * 注册第三部
     * @param request
     * @param paypassword
     * @param token
     * @return
     */

    @RequestMapping("/user/updatePayPas.json")
    @ResponseBody
    public RetBean updatePayPas(HttpServletRequest request, String paypassword,String token){

        if(StringUtils.isEmpty(paypassword)){
            throw new CustomException(Code.ERROR,"支付密码不能为空");
        }

        UserBean userBean = (UserBean)request.getAttribute("request_user");


        if(userBean.getStatus()!=2 || userBean.getRegisterStatus() !=2){
            throw new CustomException(Code.ERROR,"用户信息无法修改");
        }

        //验证密码是否是123456，654321，或者六位相同
        if(!VerificationRegular.checkPayPassword(paypassword)){
            throw new CustomException(Code.ERROR,"密码设置过于简单，请重新设置支付密码!");
        }

        //用户注册第三部，进入事务管理，更新支付密码，分配注册种子，记录推荐，记录消息，生成用户注册树
        userService.updatePayPass(paypassword,userBean);

        return new RetBean(Code.SUCCESS,"支付密码设置成功",null);
    }

    /**
     * 根据token获取用户信息
     * @param request
     * @param response
     * @param token
     * @return
     */
    @RequestMapping("/user/getUserByToken.json")
    @ResponseBody
    public RetBean getUserByToken(HttpServletRequest request, HttpServletResponse response, String token){


        UserBean userBean = (UserBean)request.getAttribute("request_user");

        //获取产生最近一条激励的时间（上一次日值的时间）
        Date date = commonMapper.getPlatformDataDate();

        System.out.println("date:"+date);


        //获取激励的数据  12系别   上一次日值+1天
        //userBean.setYesterdayExcitation(userMapper.getUserYesterdayExcitation(userBean.getId()));
        Map<String,Object> map = userMapper.getUserYesterdayExcitation(userBean.getId(),1, DateUtils.getDateTomorrow(date));
        if(map != null){
            userBean.setYesterdayExcitationA(map.get("change_seed").toString());
            userBean.setYesterdayTreeNumA(map.get("luckytreenum").toString());
        }

        //获取激励的数据  24系别   上一次日值+1天
        map = userMapper.getUserYesterdayExcitation(userBean.getId(),2, DateUtils.getDateTomorrow(date));
        if(map != null){
            userBean.setYesterdayExcitationB(map.get("change_seed").toString());
            userBean.setYesterdayTreeNumB(map.get("luckytreenum").toString());
        }

        return new RetBean(Code.SUCCESS,"请求成功",userBean);

    }


    /**
     *  修改用户登录密码
     * @param request
     * @param response
     * @param token
     * @return
     */
    @RequestMapping("/user/updatePassword.json")
    @ResponseBody
    public RetBean updatePassword(HttpServletRequest request, HttpServletResponse response, String token,String password,String newpassword){


        if(StringUtils.isEmpty(password)){
            throw new CustomException(Code.ERROR,"原始密码不能为空！");
        }
        if(StringUtils.isEmpty(newpassword)){
            throw new CustomException(Code.ERROR,"新密码不能为空！");
        }
        if(!VerificationRegular.checkLoginPassword(newpassword)){
            throw new CustomException(Code.ERROR,"密码必须包含字母和数字，8-20位");
        }
        UserBean userBean = (UserBean) request.getAttribute("request_user");
        if(!userBean.getPassword().equals(DigestUitl.MD5LowerCase(password))){
            throw new CustomException(Code.ERROR,"原始密码错误！");
        }
        if(userBean == null){
            throw new CustomException(Code.ERROR,"用户不存在，请重新登录！");
        }
        //开始修改密码
        int result = userMapper.updateUserPassword(userBean.getId(),DigestUitl.MD5LowerCase(newpassword));
        if(result <=0){
            throw new CustomException(Code.ERROR,"数据更新失败！");
        }
        return new RetBean(Code.SUCCESS,"请求成功",null);
    }

    /**
     *  找回用户登录密码
     * @param request
     * @param response
     * @return
     */
    @RequestMapping("/user/findPassword.json")
    @ResponseBody
    public RetBean findPassword(HttpServletRequest request, HttpServletResponse response, String mobile,String code,String newpassword){


        if(StringUtils.isEmpty(mobile)){
            throw new CustomException(Code.ERROR,"电话号码不能为空！");
        }
        if(StringUtils.isEmpty(code)){
            throw new CustomException(Code.ERROR,"验证码不能为空！");
        }
        if(StringUtils.isEmpty(newpassword)){
            throw new CustomException(Code.ERROR,"新密码不能为空！");
        }

        if(!VerificationRegular.checkLoginPassword(newpassword)){
            throw new CustomException(Code.ERROR,"密码必须包含字母和数字，8-20位");
        }

        //获取验证码
        if(!checkMobile(mobile,code)){
            throw new CustomException(Code.ERROR,"验证码验证失败！");
        }

        UserBean userBean = userMapper.getUserInfo(mobile);

        if(userBean == null){
            throw new CustomException(Code.ERROR,"用户不存在，请重新登录！");
        }

        //开始修改密码
        int result = userMapper.updateUserPassword(userBean.getId(),DigestUitl.MD5LowerCase(newpassword));
        if(result <=0){
            throw new CustomException(Code.ERROR,"数据更新失败！");
        }

        return new RetBean(Code.SUCCESS,"请求成功",userBean);

    }


    /**
     *  修改用户支付密码
     * @param request
     * @param response
     * @param token
     * @return
     */
    @RequestMapping("/user/updatePayPassword.json")
    @ResponseBody
    public RetBean updatePayPassword(HttpServletRequest request, HttpServletResponse response, String mobile,String code ,String token,String paypassword,String newpaypassword){


        if(StringUtils.isEmpty(paypassword)){
            throw new CustomException(Code.ERROR,"原始密码不能为空！");
        }
        if(StringUtils.isEmpty(newpaypassword)){
            throw new CustomException(Code.ERROR,"新密码不能为空！");
        }
        if(StringUtils.isEmpty(mobile)){
            throw new CustomException(Code.ERROR,"电话号码不能为空！");
        }
        if(StringUtils.isEmpty(code)){
            throw new CustomException(Code.ERROR,"验证码不能为空！");
        }

        if(!checkMobile(mobile,code)){
            throw new CustomException(Code.ERROR,"验证码验证失败！");
        }
        UserBean userBean = (UserBean)request.getAttribute("request_user");
        if(!userBean.getPaypwd().equals(DigestUitl.MD5LowerCase(paypassword))){
            throw new CustomException(Code.ERROR,"原始密码错误！");
        }
        if(userBean == null){
            throw new CustomException(Code.ERROR,"用户不存在，请重新登录！");
        }


        //开始支付修改密码
        int result = userMapper.updateUserPayPassword(token,DigestUitl.MD5LowerCase(newpaypassword));
        if(result <=0){
            throw new CustomException(Code.ERROR,"数据更新失败！");
        }
        return new RetBean(Code.SUCCESS,"请求成功",null);
    }

    /**
     * 找回支付密码
     * @param request
     * @param response
     * @param mobile
     * @param code
     * @return
     */
    @RequestMapping("/user/findPayPassword.json")
    @ResponseBody
    public RetBean findPayPassword(HttpServletRequest request, HttpServletResponse response, String mobile,String code,String token){

        //找回支付密码第一部，验证手机验证码，并获取 此次修改的，状态吗

        if(StringUtils.isEmpty(mobile)){
            throw new CustomException(Code.ERROR,"电话号码不能为空！");
        }
        if(StringUtils.isEmpty(code)){
            throw new CustomException(Code.ERROR,"验证码不能为空！");
        }
        if(!checkMobile(mobile,code)){
            throw new CustomException(Code.ERROR,"验证码验证失败！");
        }
        //通过电话号码获取用户数据，检查当前用户是否存在
        UserBean user = (UserBean)request.getAttribute("request_user");
        if(!user.getMobile().equals(mobile)){
            throw new CustomException(Code.ERROR,"身份验证异常，账号不符");
        }

        //记录修改密码的状态码
        String updateToken = UUID.randomUUID().toString();
        MobileCode mobileCode = new MobileCode(mobile,updateToken);
        commonMapper.addMobileCode(mobileCode);
        return new RetBean(Code.SUCCESS,"第一部验证成功",updateToken);
    }


    /**
     * 确认修改支付密码
     * @param request
     * @param response
     * @param updateToken
     * @param token
     * @param newPayPassword
     * @return
     */
    @RequestMapping("/user/findPayPasswordSure.json")
    @ResponseBody
    public RetBean findPayPasswordSure(HttpServletRequest request, HttpServletResponse response, String updateToken,String token,String newPayPassword){

        //找回支付密码第二部

        if(StringUtils.isEmpty(updateToken)){
            throw new CustomException(Code.ERROR,"修改状态码不能为空");
        }

        if(StringUtils.isEmpty(newPayPassword)){
            throw new CustomException(Code.ERROR,"支付密码不能为空");
        }

        //验证密码是否是123456，654321，或者六位相同
        if(!VerificationRegular.checkPayPassword(newPayPassword)){
            throw new CustomException(Code.ERROR,"密码设置过于简单，请重新设置支付密码!");
        }

        UserBean user = (UserBean)request.getAttribute("request_user");

        if(!checkMobile(user.getMobile(),updateToken)){
            throw new CustomException(Code.ERROR,"验证码验证失败");
        }

        int result = userMapper.updatePayPwd(DigestUitl.MD5LowerCase(newPayPassword),user.getId());
        if(result<=0){
            throw new CustomException(Code.ERROR,"支付密码修改失败");
        }

        return new RetBean(Code.SUCCESS,"修改成功",null);
    }

    /**
     * 修改用户绑定电话号码
     * @param request
     * @param response
     * @param code
     * @param newMobile
     * @param token
     * @return
     */
    @RequestMapping("/user/updateMobile.json")
    @ResponseBody
    public RetBean updateMobile(HttpServletRequest request, HttpServletResponse response, String code ,String newMobile,String token,String codetoken){



        if(StringUtils.isEmpty(code)){
            throw new CustomException(Code.ERROR,"验证码不能为空！");
        }
        if(StringUtils.isEmpty(newMobile)){
            throw new CustomException(Code.ERROR,"新手机号不能为空！");
        }
        if(!checkMobile(newMobile,code)){
            throw new CustomException(Code.ERROR,"验证码验证失败！");
        }

        UserBean userBean = userMapper.getUserInfo(newMobile);
        if(userBean!=null){
            throw new CustomException(Code.ERROR,"新手机号码已经被占用！");
        }

        userBean = (UserBean) request.getAttribute("request_user");
        if(userBean == null){
            throw new CustomException(Code.ERROR,"原始用户不存在！");
        }

        if(!checkMobile(userBean.getMobile(),codetoken)){
            throw new CustomException(Code.ERROR,"您当前不是最新版本，请先更新到最新版本后修改。");
        }

        //设置新的电话号码
        userBean.setMobile(newMobile);
        //进入事务管理，更换解绑手机号，更换推荐用户，更换订单用户
        userService.updateMobileRelation(token,newMobile);
        return new RetBean(Code.SUCCESS,"更新成功",null);
    }


    /**
     * 更换头像
     * @param request
     * @param response
     * @param headpic
     * @param token
     * @return
     */
    @RequestMapping("/user/updateHeadpic.json")
    @ResponseBody
    public RetBean updateHeadpic(HttpServletRequest request, HttpServletResponse response, String headpic,String token){


        if(StringUtils.isEmpty(headpic)){
            throw new CustomException(Code.ERROR,"头像地址不能为空！");
        }

        UserBean userBean = (UserBean) request.getAttribute("request_user");
        if(userBean == null){
            throw new CustomException(Code.ERROR,"用户不存在！");
        }

        userBean.setHeadpic(headpic);
        int result = userMapper.updateUserheadpic(headpic,token);
        if(result <= 0){
            throw new CustomException(Code.ERROR,"数据更新异常！");
        }
        return new RetBean(Code.SUCCESS,"更新成功",null);
    }



    /**
     *  转赠功能
     * @param response
     * @param request
     * @return
     */
    @RequestMapping("/user/transferringSeed.json")
    @ResponseBody
    public RetBean transferringSeed(HttpServletResponse response,HttpServletRequest request,String paypassword,double seednum,String token,String touseraccount){


        if(1==1){
            throw new CustomException(Code.ERROR,"功能升级中，暂不支持转赠！");
        }



        if(StringUtils.isEmpty(paypassword)){
            throw new CustomException(Code.ERROR,"支付密码不能为空");
        }
        if(seednum<=0){
            throw new CustomException(Code.ERROR,"种子数应大于0");
        }
        if(StringUtils.isEmpty(token)){
            throw new CustomException(Code.ERROR,"token值不能为空");
        }
        if(StringUtils.isEmpty(touseraccount)){
            throw new CustomException(Code.ERROR,"获赠人信息不能为空");
        }
        UserBean fromUser = userMapper.getUserInfoByToken(token);


        if(commonMapper.getErrorRecordCount(1,fromUser.getId(),DateUtils.getToday())>=5){
            throw new CustomException(Code.PAYWARNING, "您今天已累计5次输入错误的支付密码，账户已被锁定，请于24小时后再操作。如需紧急解锁，请联系客服，客服电话。");
        }

        if(!fromUser.getPaypwd().equals(DigestUitl.MD5LowerCase(paypassword))){
            //密码错误记录
            ErrorReocrd errorReocrd = new ErrorReocrd(1,fromUser.getId(), GetIp.getIp(request),"支付密码错误："+paypassword);
            commonMapper.addErrorRecord(errorReocrd);
            if(commonMapper.getErrorRecordCount(1,fromUser.getId(),DateUtils.getToday())==3){
                //三次提示
                throw new CustomException(Code.ERROR, "您今天已累计3次输入错误的支付密码，再输错2次您的账户将被锁定24小时，请谨慎操作。");
            }else if(commonMapper.getErrorRecordCount(1,fromUser.getId(),DateUtils.getToday())>=5){
                //五次锁定，更新用户
                userService.updateToken(fromUser.getId());
                throw new CustomException(Code.PAYWARNING, "您今天已累计5次输入错误的支付密码，账户已被锁定，请于24小时后再操作。如需紧急解锁，请联系客服，客服电话。");
            }else{
                throw new CustomException(Code.ERROR,"支付密码错误");
            }

        }

        UserBean toUser = userMapper.getUserByAccount(touseraccount);
        if(toUser == null){
            throw new CustomException(Code.ERROR,"获赠人不存在");
        }
        if(toUser.getStatus() != 0){
            throw new CustomException(Code.ERROR,"获赠人未成功注册");
        }

        //检查获赠人身份,花匠和业务员身份支持互相转
        if(toUser.getUsertype()!=0 && toUser.getUsertype()!=2){
            //既不是业务员也不是花匠的身份
            throw new CustomException(Code.ERROR,"获赠用户身份不符！");
        }

        //进入转赠事务
        fromUser = userService.transferringSeed(token,touseraccount,seednum);
        return new RetBean(Code.SUCCESS,"转赠成功",fromUser);

    }


    /**
     * 验证验证码
     * @param mobile
     * @param code
     * @return
     */
    public boolean checkMobile(String mobile ,String code){
        boolean bool = true;
        MobileCode mobileCode = userMapper.getMobileCode(mobile,code);
        if(mobileCode == null){
            bool = false;
        }else{
            userMapper.updateMobileCode(mobileCode.getId());
        }
        //更新使用状态

        return bool;

    }

    /**
     * 获取消息列表
     * @param request
     * @param response
     * @param token
     * @param noticetype
     * @param pagenum
     * @return
     */
    @RequestMapping("/user/getNoticeList.json")
    @ResponseBody
    public RetBean getNoticeList(HttpServletRequest request,HttpServletResponse response,String token,int noticetype,int pagenum){

        if(noticetype<0){
            throw new CustomException(Code.ERROR,"消息类型不能为空");
        }
        if(pagenum<=0){
            throw new CustomException(Code.ERROR,"分页参数异常");
        }
        UserBean user = (UserBean)request.getAttribute("request_user");
        pagenum = (pagenum-1)*10;
        int userid = 0;
        if(noticetype>1){
            // 0 , 1 :是系统消息和系统公告,系统消息默认是0  大于 1 是用户自己的消息
            userid = user.getId();
        }
        List<Notice> lists = userMapper.getNoticeByType(userid,noticetype,pagenum);

        return new RetBean(Code.SUCCESS,"获取消息数据成功",lists);
    }

    /**
     * 首页访问数据获取需要弹窗的消息
     * */
    @RequestMapping("/user/noticeForAlert.json")
    @ResponseBody
    public RetBean noticeForAlert(HttpServletRequest request,HttpServletResponse response){


        List<Notice> lists = userMapper.noticeForAlert();

        return new RetBean(Code.SUCCESS,"获取消息数据成功",lists);
    }

    /**
     * 将用户个人数据进行更新为已读
     * @param request
     * @param response
     * @param token
     * @param id
     * @return
     */
    @RequestMapping("/user/updateToRead.json")
    @ResponseBody
    public RetBean updateToRead(HttpServletRequest request,HttpServletResponse response,String token,int id){

        int result = userMapper.updateToRead(id);
        if(result<=0){
            throw new CustomException(Code.ERROR,"数据更新失败");
        }
        return new RetBean(Code.SUCCESS,"更新成功",null);

    }

    /**
     * 获取每页数据第一条
     * @param request
     * @param response
     * @param token
     * @return
     */
    @RequestMapping("/user/getNoticeListForindex.json")
    @ResponseBody
    public RetBean getNoticeListForindex(HttpServletRequest request,HttpServletResponse response,String token){

        UserBean userBean = (UserBean)request.getAttribute("request_user");
        List<Notice> lists = userMapper.getNoticeListForindex(userBean.getId());
        return new RetBean(Code.SUCCESS,"数据获取成功",lists);

    }

    /**
     * 修改基本数据
     * @param request
     * @param response
     * @param token,realname,certid
     * @return
     */
    @RequestMapping("/user/updateUserBaseInfo.json")
    @ResponseBody
    public RetBean updateUserBaseInfo(HttpServletRequest request,HttpServletResponse response,String realname,String certid,String token,String code){
        if(StringUtils.isEmpty(realname)){
            throw new CustomException(Code.ERROR,"真实姓名不能为空！");
        }
        if(StringUtils.isEmpty(certid)){
            throw new CustomException(Code.ERROR,"身份证号不能为空！");
        }

        //验证验证码是否为空
        if(StringUtils.isEmpty(code)){
            throw new CustomException(Code.ERROR,"您当前不是最新版本，请先更新到最新版本后修改。");
        }

        UserBean user= (UserBean)request.getAttribute("request_user");
        //验证短信验证码
        if (!checkMobile(user.getMobile(),code)){
            throw new CustomException(Code.ERROR,"验证码验证失败");
        }


        user.setRealname(realname);  //更新真实姓名
        user.setCertid(certid);      //更新
        if(userMapper.updateUserBaseInfo(user)<=0){
            throw new CustomException(Code.ERROR,"更新失败，数据异常");
        }
        return new RetBean(Code.SUCCESS,"信息修改成功","");

    }

    @RequestMapping("/user/testTras.json")
    @ResponseBody
    public RetBean testTras(HttpServletRequest request,HttpServletResponse response){
        System.out.println("开始访问");
        try{
            userService.serviceTranscatiuon();
        }catch (Exception e){
            System.out.println(e.toString());
            System.out.println("回滚吧，异常");
        }
        return new RetBean(Code.SUCCESS,"回滚测试",null);
    }


    /**
     * 验证安全登录，如果不安全，返回不安全提示
     * @param request
     * @param response
     * @param account
     * @param password
     * @param sdkToken
     * @param loginType
     * @param source
     * @return
     */
    @RequestMapping("/user/checkAqLogin.json")
    @ResponseBody
    public RetBean checkAqLogin(HttpServletRequest request,HttpServletResponse response,String account, String password,String sdkToken,int loginType,int source){
        String token = "";
        if(StringUtils.isEmpty(account)){
            throw new CustomException(Code.ERROR, "账号不能为空！");
        }
        if(StringUtils.isEmpty(password)){
            throw new CustomException(Code.ERROR, "密码不能为空！");
        }
        if(StringUtils.isEmpty(sdkToken)){
            throw new CustomException(Code.ERROR, "安全参数不能为空！");
        }
        password = DigestUitl.MD5LowerCase(password);
        UserBean userBean = userMapper.getUserId(account,password);
        //五次错误的支付密码
        if(userBean==null){
            throw new CustomException(Code.ERROR, "账号或者密码错误！");
        }
        if(commonMapper.getErrorRecordCount(1,userBean.getId(),DateUtils.getToday())>=5){
            throw new CustomException(Code.PAYWARNING, "您今天已累计5次输入错误的支付密码，账户已被锁定，请于24小时后再操作。如需紧急解锁，请联系客服，客服电话。");
        }
        //安全验证接口
        AliSecurityBean ab = new AliSecurityBean(account,GetIp.getIp(request),sdkToken,loginType,source);
        Map<String,Object> map = AliSecurity.checkAlisecurity(ab);
        if(!map.get("final_decision").toString().equals("0")){
            //返回不安全的码
            return new RetBean(Code.ALISECURITY,"验证不安全",map.get("captcha_client_need_info"));
        }
        token = userLogin(userBean);
        return new RetBean(Code.SUCCESS,"登录成功",token);
    }

    /**
     * 安全的登录验证
     * @param request
     * @param response
     * @param account
     * @param password
     * @param sessionId
     * @return
     */
    @RequestMapping("/user/loginAqcheck.json")
    @ResponseBody
    public RetBean loginAqcheck(HttpServletRequest request,HttpServletResponse response,String account, String password,String sessionId){
            String token = "";
            if(StringUtils.isEmpty(account)){
                throw new CustomException(Code.ERROR, "账号不能为空！");
            }
            if(StringUtils.isEmpty(password)){
                throw new CustomException(Code.ERROR, "密码不能为空！");
            }
            password = DigestUitl.MD5LowerCase(password);
            UserBean userBean = userMapper.getUserId(account,password);
            if(userBean==null){
                throw new CustomException(Code.ERROR, "账号或者密码错误！");
            }
            //验证安全验证码
            if(AliSecurity.checkRisk(sessionId)!=1){
                throw new CustomException(Code.ALISECURITY, "验证失败");
            }
            token = userLogin(userBean);  //获取登录信息

        return new RetBean(Code.SUCCESS,"登录成功",token);
    }



    /**
     * 用户登录公用方法
     * @param userBean
     * @return
     */
    public String userLogin(UserBean userBean){
        //判断用户身份
        if(userBean.getUsertype() ==1){
            throw new CustomException(Code.ERROR, "商家请登录后台查看数据哦~");
        }
        if(userBean.getUsertype() ==4){
            throw new CustomException(Code.ERROR, "管理员请登录后台查看数据哦~");
        }
        //更新token
        String token = UUID.randomUUID().toString();
        if(userMapper.updateUserToken(userBean.getId(),token) <=0){
            throw new CustomException(Code.ERROR, "更新token异常！");
        }
        return token;
    }




}
